New in Symfony 4.4: HttpClient Improvements
In Symfony 4.4, the HttpClient component added lots of new features to make debugging easier, to improve interoperability with other libraries, to add NTLM authentication and to improve buffering and JSON requests.
November 18, 2019
Javier Eguiluz
A Week of Symfony #672 (11-17 November 2019)
This week, Symfony 2.8.52, 3.4.35, 4.2.12 and 4.3.8 versions were published to fix some security vulnerabilities. In addition, Symfony 4.4-beta and 5.0-beta were published so you can test these upcoming versions in your projects. Meanwhile, the new ErrorHandler component was simplified and performance was improved when checking for cache freshness. Finally, the upcoming Symfony 5: The Fast Track book published some updates and will be fully unveiled next week at the SymfonyCon Amsterdam 2019 conference.
November 17, 2019
Javier Eguiluz
Let's talk at SymfonyCon!
As part of the efforts of the diversity initiative we are looking at ways to make the experience for everyone more enjoyable and to make it easier for newcomers to get a foothold in the community. So one of the things we want to help achieve is to allow people to build networks. Since not everyone is a natural at this we would like to highlight to concrete ways in which we hope to make it easier for everyone: Conference buddies and sticker.
November 15, 2019
Lukas Kahwe Smith
Updates About the "Symfony 5: The Fast Track" Book
The contents of the new book about Symfony 5 have been completed on time. Read the full table of contents and find out other surprising facts about the book.
November 14, 2019
Javier Eguiluz
CVE-2019-18888: Prevent argument injection in a MimeTypeGuesser
CVE-2019-18888 fixes an issue where provided file paths to the MimeTypeGuesser were not properly escaped before being executed.
November 13, 2019
Fabien Potencier
CVE-2019-11325: Fix escaping of strings in VarExporter
CVE-2019-11325 fixes an issue where some strings were not properly escaped while dumping, leading to possible remote code execution.
November 13, 2019
Fabien Potencier
CVE-2019-18886: Prevent user enumeration using switch user functionality
CVE-2019-18886 fixes an issue where one could enumerate users using the switch user functionality as different behaviour would occur when a user existed compared to when a user did not
November 13, 2019
Fabien Potencier
CVE-2019-18887: Use constant time comparison in UriSigner
CVE-2019-18887 fixes an issue where one could guess the signature of an URI using a remote timing attack.
November 13, 2019
Fabien Potencier
CVE-2019-18889: Forbid serializing AbstractAdapter and TagAwareAdapter instances
CVE-2019-18889 fixes an issue where the destructor of TagAwareAdapter execute callables stored in properties, leading to possible remote code execution when an external payload is unserialized.
November 13, 2019
Fabien Potencier
A Week of Symfony #671 (4-10 November 2019)
This week, we continued polishing the upcoming Symfony 4.4 and 5.0 releases. We also merged some pending new features, such as a command to lint services wiring and the removal of SecretEnvVarProcessor to simplify the management of encrypted secrets in configuration.
November 10, 2019
Javier Eguiluz
New in Symfony 4.4: Better Control of Console Progress Bars
In Symfony 4.4, two new methods will allow you to better control how the progress bars are redrawn in console commands.
November 8, 2019
Javier Eguiluz
New in Symfony 4.4: Cache Improvements
In Symfony 4.4, you can use URL DSN to configure PDO adapters, deleting cache items will be much faster, configuring chained cache pools will be simpler and new marshallers will reduce the space needed to store contents.
November 7, 2019
Javier Eguiluz
New in Symfony 4.4: Week Form Type
Symfony 4.4 will include a new WeekType form field to deal with week numbers as defined in the ISO 8601 standard.
November 6, 2019
Javier Eguiluz
New in Symfony 4.4: Bootstrap Custom Switches
In Symfony 4.4, forms can style checkboxes with Bootstrap's custom switches.
November 4, 2019
Javier Eguiluz
A Week of Symfony #670 (28 October - 3 November 2019)
This week, Symfony 3.4.33 and 4.3.6 maintenance versions were released. Meanwhile, we continued polishing the upcoming Symfony 4.4 version, specially the Messenger component. Lastly, SymfonyInsight introduced a new feature to help you upgrade to Symfony 5.
November 3, 2019
Javier Eguiluz